                                                         ripe- 85

                Guidelines for the delegation of zones
                   in the 193.in-addr.arpa domain

                           Marten Terpstra

                              May  1993

                             version 1.5


Introduction

This document describes the procedures for the delegation of  au-
thority  of  zones  in  the 193.in-addr.arpa domain.  As of March
16th 1993 the RIPE NCC has been delegated the authority  for  the
193.in-addr.arpa  domain  from the root.  Due to the fact that in
the 193.x.y address space blocks of 256 class C  network  numbers
are  further  delegated to local registries , the possibility ex-
ists to also delegate the zone for these blocks  in  the  193.in-
addr.arpa  domain.   This  document describes some guidelines and
procedures for this type of delegation and the delegation of  re-
verse zones for individual class C networks in 193.x.y.


A bit more explained

With the assignment of class C network numbers following the CIDR
(RFC  1338) model, in which large chunks of the address space are
delegated to one region, and within that region blocks of class C
network  numbers  are  delegated  to  service  providers and non-
provider registries, some  hierarchy  in  the  address  space  is
created,  similar to the hierarchy in the domain name space.  Due
to this hierarchy the reverse Domain Name System mapping can also
be  delegated  in  a  similar model as used for the normal Domain
Name System.  For instance, the RIPE NCC has  been  assigned  the
complete  class  C address space starting with 193.  It is there-
fore possible to delegate the 193.in-addr.arpa domain  completely
to the RIPE NCC, instead of each and every reverse mapping in the
193.in-addr.arpa domain to be registered with the INTERNIC.  This
implies  that  all 193.in-addr.arpa resistrations will be done by
the RIPE NCC.  Even better, since service providers receive  com-
plete  class C network blocks from the RIPE NCC, the RIPE NCC can
delegate the reverse registrations for such  complete  blocks  to
these  local  registries.   This  implies that customers of these
service providers no longer have to register their reverse domain
mapping  with  the  root, but the service provider have authority
over that part of the reverse mapping.  This decreases the  work-
load  on  the INTERNIC and the RIPE NCC, and at the same time in-
crease the service a provider can offer its customers by  improve
response  times  for  reverse mapping changes . However there are
some things that need to be examined a bit more closely to  avoid
confusion  and  inconsistencies.  These issues are covered in the
next section.


Procedures for the delegation of  direct  subdomains  of  193.in-
addr.arpa

1. A secondary nameserver at ns.ripe.net  is  mandatory  for  all
blocks  of  class  C  network  numbers  delegated  in the 193.in-
addr.arpa domain.

2. Because of the increasing importance of  correct  reverse  ad-
dress mapping, for all delegated blocks a good set of secondaries
must be defined.  There should be at least 2 nameservers for  all
blocks delegated, excluding the RIPE NCC secondary.

3. The delegation of a class  C  block  in  the  193.in-addr.arpa
domain  can  be  requested  by sending in a domain object for the
RIPE database to <hostmaster@ripe.net> with all necessary contact
and  nameserver  information.  The RIPE NCC will then forward all
current reverse zones inside this  block  to  the  registry,  and
after  addition  of these by the registry, the NCC will check the
working of the reverse server.  Once everything is setup  proper-
ly,  the NCC will delegate the block, and submit the database ob-
ject for inclusion in the database.  An example domain object can
be found at the end of this document.

4. All reverse servers for blocks  must  be  reachable  from  the
whole  of  the Internet.  In short, all servers must meet similar
connectivity requirements as top-level domain servers.

5. Running the reverse server for class C blocks does  not  imply
that  one  controls  that part of the reverse domain, it only im-
plies that one administers that part of the reverse domain.

6. Before adding individual nets, the administrator of a  reverse
domain  must  check wether all servers to be added for these nets
are indeed setup properly.

7. There are some serious implications when a customer of a  ser-
vice provider that uses address space out of the service provider
class C blocks, moves to another service provider.  The  previous
service  provider  cannot force its ex-customer to change network
addresses, and will have to continue to provide  the  appropriate
delegation  records  for reverse mapping of these addresses, even
though it they are no longer belonging to a customer.

8. The registration of the reverse zones for individual  class  C
networks  will  usually be done by the registry administering the
class C block this network has been assigned from.  The  registry
will  make the necessary changes to the zone, and update the net-
work objects in the RIPE database for these networks, to  reflect
the  correct  "rev-srv"  fields.  In case the RIPE NCC receives a
request for the reverse zone of an individual class C network out
of a block that has been delegated, the request will be forwarded
to the zone contact for this reverse block.

9. The NCC advises the following timers and counters  for  direct
subdomains  of 193.in-addr.arpa: 8 hours refresh (28800 seconds),
2 hours retry (7200 seconds), 7 days expire (604800 seconds)  and
1  day  Time To Live (86400 seconds). The retry counter should be
lowered where connectivity is unstable.

Above procedures are defined to ensure the necessary high availa-
bility  for  the  193 reverse domains, and to minimize confusion.
The NCC will ensure fast repsonse times  for  addition  requests,
and will in principle update the 193.in-addr.arpa domain at least
once per working day.

Example domain object to request a block delegation

domain:  202.193.in-addr.arpa
descr:   Pan European Organisations class C block
admin-c: Daniel Karrenberg
tech-c:  Marten Terpstra
zone-c:  Marten   Terpstra
nserver: ns.eu.net
nserver: sunic.sunet.se
nserver: ns.ripe.net
changed: marten@ripe.net 930319
source:  RIPE



Procedures for the delegation of individual network zones by  the
RIPE NCC.

The registration of the reverse zones for individual class C net-
works  will  usually  be  done  by the registry administering the
class C block this network has been assigned from.  In  case  the
zone  corresponding  to the class C block has not been delegated,
the RIPE NCC will automatically add  the  reverse  nameserver  as
specified  in the "rev-srv" attribute of the RIPE database object
for this network, using the following procedures:

1. Because of the increasing importance of  correct  reverse  ad-
dress  mapping,  for  all delegated networks a good set of secon-
daries must be defined.  There should be at least two nameservers
for all networks delegated.

2. The "rev-srv" field should ONLY contain  one  fully  qualified
domain  name  of  a nameserver which is authoritative for the re-
verse zone for this network.

3. If a network has or is going to have any external  connectivi-
ty,  it  is strongly recommended that it has at least one reverse
nameserver that can be reached from all of the Internet.

4. The checking and addition of the reverse zones for single net-
works  is  completely  automated at the RIPE NCC.  Although we do
our best to check the setup of the nameservers,  these  does  not
receive  the  same level of scrutiny as nameservers for blocks of
class C network numbers.  It is the responsibility of the network
contacts to ensure proper operation.

5. Any problems regarding the reverse zones  in  193.in-addr.arpa
should be directed to <hostmaster@ripe.net>.

The NCC also suggests that similar procedures are set up for  the
delegation  of reverse zones for individual class C networks from
the registries to individual organisations.